TY - JOUR
T1 - Towards Automatic Detection of Nonfunctional Sensitive Transmissions in Mobile Applications
AU - Fu, Hao
AU - Hu, Pengfei
AU - Zheng, Zizhan
AU - Das, Aveek K.
AU - Pathak, Parth H.
AU - Gu, Tianbo
AU - Zhu, Sencun
AU - Mohapatra, Prasant
N1 - Publisher Copyright: © 2002-2012 IEEE.
PY - 2021/10/1
Y1 - 2021/10/1
N2 - While mobile apps often need to transmit sensitive information out to support various functionalities, they may also abuse the privilege by leaking the data to unauthorized third parties. This makes us question: Is the given transmission required to fulfill the app functionality? In this paper, we make the first attempt to automatically identify suspicious transmissions from app visual interfaces, including app names, descriptions, and user interfaces. We design and implement a novel framework called FlowIntent to detect nonfunctional transmissions at both software and network levels. During the exercising of the given apps, FlowIntent automatically detects privacy-sharing transmissions and determines their purposes by utilizing the fact that mobile users rely on visible app interface to perceive the functionality of the app at certain context. The characterizations of nonfunctional network traffic are then summarized to provide network level protection. FlowIntent not only reduces the false alarms caused by traditional taint analysis, but also captures the sensitive transmissions missed by widely-used taint analysis system TaintDroid. Evaluation using 2125 sharing flows collected from more than a thousand running instances shows that our approach achieves about 94 percent accuracy in detecting nonfunctional transmissions.
AB - While mobile apps often need to transmit sensitive information out to support various functionalities, they may also abuse the privilege by leaking the data to unauthorized third parties. This makes us question: Is the given transmission required to fulfill the app functionality? In this paper, we make the first attempt to automatically identify suspicious transmissions from app visual interfaces, including app names, descriptions, and user interfaces. We design and implement a novel framework called FlowIntent to detect nonfunctional transmissions at both software and network levels. During the exercising of the given apps, FlowIntent automatically detects privacy-sharing transmissions and determines their purposes by utilizing the fact that mobile users rely on visible app interface to perceive the functionality of the app at certain context. The characterizations of nonfunctional network traffic are then summarized to provide network level protection. FlowIntent not only reduces the false alarms caused by traditional taint analysis, but also captures the sensitive transmissions missed by widely-used taint analysis system TaintDroid. Evaluation using 2125 sharing flows collected from more than a thousand running instances shows that our approach achieves about 94 percent accuracy in detecting nonfunctional transmissions.
UR - http://www.scopus.com/inward/record.url?scp=85114679110&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85114679110&partnerID=8YFLogxK
U2 - 10.1109/TMC.2020.2992253
DO - 10.1109/TMC.2020.2992253
M3 - Article
AN - SCOPUS:85114679110
SN - 1536-1233
VL - 20
SP - 3066
EP - 3080
JO - IEEE Transactions on Mobile Computing
JF - IEEE Transactions on Mobile Computing
IS - 10
M1 - 9086060
ER -